Get a Pentest and security assessment of your IT network.

News

Severe RCE vulnerability affected popular StackStorm Automation Software

Security researcher Barak Tawily has discovered a severe vulnerability in StackStorm. The flaw could be exploited by a remote attacker to trick developers into executing arbitrary commands on targeted services. The vulnerability tied the way the StackStorm REST API improperly handled CORS (cross-origin resource sharing) headers, allowing web browsers to perform cross-domain requests on behalf of authenticated users/developers. StackStorm has been used to automate workflows in many industries, it allows developers to configure actions, workflows, and scheduled tasks.”]

Source: https://securityaffairs.co/wordpress/82259/security/stackstorm-rce-flaw.html

Related posts
News

Ashley Madison 2.0 Hackers Leak 20GB Data Dump, Including CEO's Emails

News

Art of Twitter account hacking

News

Botnet authors use Evernote account as C&C Server

News

Canadian agency breached as hackers exploit CVE-2017-5638 flaw in Apache Struts 2